
An anonymous reader writes "A small U.S. university has come up with a novel solution to reduce the possibility of using a dead person's hand to get past a fingerprint scanner through the use of hemoglobin detection. The device quickly checks the fingerprint and hemoglobin 'non-intrusively' to verify the identity and whether the individual is alive. This field of research is called Biocryptology and seeks to ensure that biometric security devices can't be easily bypassed."

Who said anything about dragging? Just ask politely, and don't forget to mention that you have a direct communication line to people holding a 12 gauge shotgun to their kid's forehead. People are surprisingly cooperative when you press the right button. Or in other words, threaten to pull the right trigger...

Seems the only solution is not to have secrets or possessions worth guarding with security systems. But it's probably still too soon for our society to accept that...

For the last bit, this is probably a desired feature. You'd -want- the device to be able to detect if you're under duress.

You assume that the device would be rigged to do something to help you in that event. "Warning: Elevated blood pressure detected. Access to secure area denied." (a few seconds later) *BANG!* "Okay, bring me the next one, Terrorist Bob."

Skin resistance using contacts built into the fingerprint-reader; microphone for breathing rate (arrange the wall-mounted reader so that you've got to have your mouth in a certain place, where the microphone is, for signal-to-noise ratio improvement. Say, use two fingerprint readers a metre apart, to be operated simultaneously; put microphone in wall 0.75m above the midpoint of the two fingerprint sen

Is there such a thing as an emergency PIN/password? I.e. a secondary password that lets you in just the same, but quietly alerts authorities that you are being coerced? There is an urban legend that says ATM PINs entered backwards do this, but they're just that -- legends.

That's not really the point of biometrics. You should technically still use a password. It's something you know, something you have, something you are.
The biometric passes the third test but a secure facility would still require the other two.
In addition, a biometric can't be given out. Passwords tend to make the rounds. Of course the most common use of biometrics is in timeclocks to make sure the person is actually present at work.

No, unless you actually clamp the finger so you can control all the light hitting it, telling hemoglobin oxygen levels by color is overwhelmed by skin color or by anything that calluses the fingers, such as playing guitar, or that keeps them abraded, such as dishwashing. In fact, doing fingerprints on stay-at-home parents with many children presents its own issues.

A pulse is easier to detect by movement, but is still useless against the "gummy worm" fake fingerprint attack, documented over a decade ago at h

Well, I beg to differ on that particular point. The technology to reliably detect that published attack has been (and is being) shipped in a major OEM's Enterprise level laptops for several years. Call your salesman if you'd like to know if yours has it.

Unfortunately, not all OEMs that include fingerprint sensors choose to include antispoof features. Most consumer grade laptops, for example, don't. So when you go buy that $300 special down at Best Buy, don't go crowing that you can build a spoof for it -

Gives the attacker motive to kill someone with CO poisoning then, it will be read as oxygenation (CN can have a similar effect - also it means anyone going through such a coded lock may not be allowed to have painted fingernails, not that that's such a big deal)

It measures "Pulse Oximetry" which measures the ratio of oxygenated vs. deoxygenated hemoglobin in the blood by measuring infrared absorption at two wavelengths, wavelengths λ1=630 nm and λ2=940 nm. Here's the relevant information from their patent application at line 82, the preferred embodiment of the invention in
http://www.faqs.org/patents/app/20120119089 [faqs.org]:

DESCRIPTION OF A PREFERRED EMBODIMENT OF THE INVENTION

[0082] Basically, the invention is based on the transmission properties of quasi-

At a glance the patent seems to be for a very specific approach to measuring pulse oximetry. The approach seems near identical to US patent 5737439 Anti-fraud biometric scanner that accurately detects blood flow [google.com]. In any event the basic technique for using pulse oximetry for liveness testing is described in Sandstrom, "Liveness Detection in Fingerprint Recognition Systems", 2004 and Hill & Stoneham, "Practical applications of pulse oximetry", 2000. The use of two IR absorption measurements is not nove

Re: The use of two IR absorption measurements is not novel (see patent 5737439).;>)
correcto, they do in fact cite that particular patent in their own patent. Note the quote I included in my GP post also mentions the use of UV wavelengths too for measuring skin.

But, if I paste the fingerprint on a shaved section of a little dog's ass, then, not only have I hacked my way in, I have MADE everyone using the lock after me, touch a little dog's ass. Filthy technology, go wash your hands.

The ignorance is astounding. HIPAA only applies to medical professionals (and even then, only those who conduct business electronically, which in practice means everyone, but in theory, some backwoods doctor with a paper-only record keeping system, accepting only cash for payment, and no land line could POSSIBLY skirt the law)

There is no law in the United States which generally prohibits storage and processing of medical information. It does not apply to you or to a company making security devices.

You know, that is the funny thing about laws.... They can and often do change. I believe all biometrics stored electronically should have the protections of HIPAA. So much can be learned from them that if they fall into the wrong hands can be just as devastating as if a hospital released all your files. Things like this scanner that ca

Does the device only check for pulse or does it also compare to the person's normal blood pressure (which was obtained upon registration into the system) to make sure the person being authenticated isn't being coerced into granting access to unauthorized personnel/burglars, etc???

If this device is being used at a location where a human cashier is working, just get the cashier to look at the thumb pad while the person is pressing their thumb against it. If the employee sees a thumb being held in another set of fingers, or sees a thumb whose tip shows signs of being surgically stitched onto a stub, he or she presses the "Hold transaction" button on the register and asks for ID or calls the police as appropriate. The additional check would be needed for locations where there is no huma

Here's a good reason why: What happens when someone manages to steal your password? You change it. What happens when someone managed to recreate your DNA or other biological identifier used for authentication? Good luck getting new DNA or fingerprints.

An adult hand with even the same DNA as another would still not necessarily have the same fingerprints. Although the precise process by which they are formed is subject to some debate, it is generally agreed that fingerprints are formed by some combination of environmental factors in the womb between roughly the 10th and 17th week of development. Even identical twins, with identical DNA, have distinct fingerprints.

It's easier than that. Dust for fingerprints and have a 3d printer make a mold for fingers with those fingerprints. Grab a stray hair follicle, and amplify a bunch of DNA using standard protocols. Mix the DNA into some gelatin and pour it into the mold. Run some tubing through the mold hooked up to a peristaltic pump to simulate the pulse.

Here's a good reason why: What happens when someone manages to steal your password? You change it. What happens when someone managed to recreate your DNA or other biological identifier used for authentication? Good luck getting new DNA or fingerprints.

A fingerprint is also something convenient that most people have with them at all times that can be used as a second factor for authentication.

If a PIN/password is good enough, then PIN/password+print would be better in virtually all cases. Same for a credit card with no additional checks vs. a card+print.

The title is wrong. This is not checking for a pulse. If it were, then people with artificial heart pumps like Dick Cheney wouldn't be able to use it. They are alive, but do not have a pulse.

That said, I could see something like this checking for a pulse. This brings up the interesting problem of how to handle biometric checks for people who don't have those biometrics. Not everyone has fingers. Not everyone has eyes. Not everyone has a pulse. Maybe you don't care about that, as you don't have any of them among your target users, but what happens when that changes? You need a plan to handle that.

I would speculate that Cheney does have a pulse, even if it is triggered mechanically, as a pulse is the rhythmic pumping of blood around the circulatory system to oxygenate the organs and extremities.

It might be very rapid and fairly flat (or slow and big), but it would still be there and measurable.

My understanding is that he didn't (another poster pointed out that he has since received a heart transplant). I'm under the impression that the artificial heart in question produced a steady flow, more like a fan than a traditional pump. Technically, there would undoubtedly be some variation or vibration that could be considered a pulse, but it's the sort of thing that would be within the noise level of a normal pulse, not something likely to be detected. It would also likely be the case that other move

The LVAD doesn't give you a pulse. It uses Archimedes screws. However, usually it just assists your heart. In some cases though the patient's heart dies off and this is the only thing keeping them alive at which point they lose their pulse.

re This is not checking for a pulse..
Look at the application for the patent assigned to the company involved. The patent details say that it measures the change in oxygenation levels which varies slightly as each heartbeat pumps more blood through the vascular system. Here are some details. (it doesn't measure blood pressure, like some people were guessing above, it measures hemoglobin oxygenation/deoxygenation levels)..
It measures "Pulse Oximetry" [wikipedia.org] which measures the ratio of oxygenated vs. deoxyg

My point isn't that this isn't an interesting technology. It's that we need to be careful in designing systems to watch out for the edge cases. As long as there's a plan in place for handling them, everything is fine.

And of course you see this sort of comment on Slashdot. I work as a software engineer. If I ignored a case that was only a ten in a million case (0.001%), I would be flooded with field issues. In the real world, you can test for the common cases, but you have to design for the tricky ones.

There is only one paragraph that mentions anything about the technology, and that is the paragraph in the summary here. The rest reads like filler material and pimping the advantages of investing/working in the upper midwest.

A replacement for credit cards that is even less secure than the current ones doesn't sound like a good idea to me.

If this is just checking for the presence of capillaries, I can't think of any reason that it couldn't trivially be fooled by a slight tweak to the gummy bear trick in which you stick the glue pattern print onto a shaved elbow instead of a gummy bear.

If, on the other hand, this is trying to determine who you are based on the pattern of blood vessels, I suspect that the methodology is just plai

re I was hoping for more details..
Look at the patent application for this assigned to the company involved. It measures the change in oxygenation levels which varies slightly as each heartbeat pumps more blood through the vascular system. Here are some details. (it doesn't measure blood pressure, like some people were guessing above, it measures hemoglobin oxygenation/deoxygenation levels)..
It measures "Pulse Oximetry" [wikipedia.org] which measures the ratio of oxygenated vs. deoxygenated hemoglobin in the blood b

When will the public realize that all of these biometric systems are defeatable? You're just adding another layer of data that can also be faked. You know what can't easily be faked or spoofed? Sufficiently strong public-key cryptography. So let's get it over with and start assigning giant private keys to everyone on the planet and dealing with the infrastructure issues and loss/replacement stuff (similar to passports today, I imagine). Then it's easy to authenticate anyone: they just sign data with th

Show me a biometric test that can't be spoofed for 10% the cost of the test hardware. Go ahead, I dare ya. Fake retinas and fake fingerprints took, what, a couple weeks to show up after their respective scanners went into production? Why should any other sort of bio-scanner/detector be any different?

Because no one has ever gotten past a guard by wearing a uniform and carrying a large box. Or by bribing them. Or by threatening them or their family (we are talking about chopping people's fingers off to use in a fingerprint scanner). Or by faking an ID. And so on.

Does this device offer the least bit of protection against the "gummy bear attack" (i.e. a thin molded replica fingerprint, formed from, e.g., etched gelatin, over a living finger)? If not, then it's pretty useless (because lugging around a whole dead body or even severed finger is already riskier/harder than a simple replacement mold).

Possibly. My experience is with fingerprint swipe sensors, not fingerprint placement sensors, and with those the gummi bear mold has to be fairly thick to survive a swipe over the sensor. The thickness tends to block the light from such an optical sensor, and so the attempt is detected and blocked. With a placement sensor, the gummi bear mold could probably be made thinner; I don't know if it can be made thin enough.

As long as you don't have a Gummy bear that has the right IR absorption profile, yes it will defeat it.

However, I can't imagine that if you're going to the trouble to reproduce fingerprints or activate latent ones that you couldn't do it using a material that has the right IR spectrum. Most likely they're just transmitting light and measuring relative absorbance at a few wavelengths, and it should be easy to make a plastic film that passes for blood in this test.

I haven't put a gummy bear on a spectrometer to check, but my naive guess is that plain gelatin (which is basically boiled-down skin and connective tissue bits anyway) would already have a very similar transmission profile to skin (e.g. fairly transparent with no strong/distinctive spectral features), so you wouldn't even need to search for fancier materials. Not that a little materials research would likely be a major deterrent to an attacker who is already willing to *murder and hack off body parts* to de

Likely the case, but you'd still need to emulate the absorption spectra of oxygenated hemoglobin (to whatever resolution it is actually measured at - which isn't likely to be terribly accurate in a cheap and compact device). Again, probably just a piece of plastic with the right characteristics somewhere in the light path.

No, you don't need to "emulate the absorption spectra of oxygenated hemoglobin" --- the whole idea of the "gummy bear attack" is to put a thin fingerprint-replica cover, with material properties extremely similar to a layer of skin, over your real live finger (which provides the color, pulse, temperature, conductivity, elasticity, etc. of a living human, and can be used in plain sight of a security guard monitoring the scanner). A thin gelatin layer is likely to be very difficult to distinguish from a sligh

I read about this at least 10 years ago when some Japanese ATMs were going with fingerprints. They looked at the blood flowing through the skin to make sure they were looking at a live finger and also not just a faked fingerprint on a live finger.

Whoop-de-doo. There are several outfits that have done something similar over the years, including companies that have tens of thousands of fingerprint devices out on the street already. I would be somewhat surprised if the tech covered in this article is not already patented by Lumidigm [lumidigm.com] or somebody like them.

"Liveness checks" have been a part of fingerprint tech for many years now, ever since the famous "ghosting" attack on the early L-1 and Cross Match sensors. Whoever wrote the article didn't do their ho

I remember when fingerprint scanners first started getting widespread use people asked about "what if someone lifts my fingerprint, or worse, cuts off my finger?" and the manufacturers all said "Don't worry, it only works on live fingers." Then people tried it and discovered that yes, you can lift someone's fingerprint, duplicate it, and the scanner is more than happy to take it. Luckily the latter has not proven popular (I don't know of any case of someone having a body part severed to defeat a biometric

It can't detect silicone fingerprints. The cool thing about these is that you don't have to cut off someone's thumb and distract a salesgirl while you press it to a scanner, you just act like nothing's wrong and thumb away.

I'm surprised anyone with even half a brain could have decided that a pulse was enough. Guns can make people do amazing things, like placing their prints wherever the guy controlling the gun wants them placed. You could engineer a pump to drive pulsed blood through the capillaries. Heck,

You could engineer a pump to drive pulsed blood through the capillaries. Heck, you could even heat the blood while you're pumping it. (This device does not detect temperature btw)

It is a solution, certainly, but wrought with a myriad of flaws. This ought to be a very long time to market I expect. Unless of course, they decide to give the job of redesigning the scanner to someone who's passed the fourth grade.

I didn't see it above, but this comment is the perfect place for the obligatory xkcd reference: http://xkcd.com/538/ [xkcd.com]

Bwa haha! I should have seen the obvious connection before I submitted my comment or I'd have made the reference myself. But with good souls like yours, this world shall never lack in welcome sharp minded assistance. ;)

I have Raynaud's syndrome. There are times when it's cold and I've gone to the doctor's visit. They put the little gadget on my finger to take a reading and it doesn't work because the ends of my fingers are white. Will suck the first time I can't buy something because of this.

Well, yes, they have. We build fingerprint swipe sensors where that attack is meaningless - the sensing surface is a single line that you "swipe" your finger across. Your suggested attack would, in the absolute worst case, cause the capture of a 50 micron tall line across the finger. Good luck getting that to match.

There are roughly a gajillion different designs of fingerprint sensors that have been built over the last 30 years. Many of them can be spoofed trivially (such as your attack), others are far